GovCIO is currently hiring for a Sr. Cyber/Cloud Security Specialist to serve as Lead Information Technology Specialist (INFOSEC) and Cybersecurity Operations (SECOPS). This position will be hybrid, mostly remote with occasional onsite time as needed (hybrid) at EEOC HQ in Washington, DC.

• Serve as Lead Information Technology Specialist (INFOSEC), Cybersecurity Operations (SECOPS) responsible for contributing to the Agency’s IT Security Program, directs SECOPS, coordinates, and maintains inputs to EEOC's IT Security Program.
• Advise and support the Chief Information Security Officer (CISO) on developments in Cybersecurity (CS), Information Security (INFOSEC) and IT Security emerging technical threat vectors, advanced persistent threats (APT), attack surface or weaknesses.
• Advise Agency-level technical implementation or introduction of policy and orders, proactively developing supporting documentation and drafts for implementation.
• Direct the Commission’s Cybersecurity Operations (SECOPS) cell, influences a range of the EEOC’s operations, many of which have a direct and corresponding impact to the mission of the EEOC and its' critical infrastructure.
• Enables and administrates incident handling (IH) and response (IR), security incident and event management (SIEM) dashboards, inputs, “playbooks” and metrics to achieve efficiency.
• Facilitates, coordinates, and administers EEOC's Cybersecurity Operations (SECOPS) in support of the Information Security (INFOSEC) Program, and aids Agency Information system security program officers. Ensures accurate and timely status reporting of SOC efficiency metrics and recommends necessary adjustments.
• Advising authority for threat, vulnerability, and configuration management; conveys threat product recommendations to EEOC staff and customers; and provides expertise and insight to OIT for industry attack trends, mitigations, and active defenses.

Bachelor's degree in Cybersecurity, Information Assurance or Information Security with 12+ years (or commensurate experience)

Required Skills and Experience

• Ability to guide discussions, support CISO decisions with or without team support and effectuate positive cybersecurity changes at varying levels - users, developers, system admins, Directors, Managers and Executives where necessary. Typically, engagement is related to varying levels of technical system owner and “SOC” staff. Demonstrated experience as a SOC lead or Senior Team successfully engaging with managed security service providers (MSSP), Joint Cybersecurity external entities (e.g., CISA, CYBERCOM) on incident response (IR), weakness, incident handling (IH) and vulnerability management (VM), including mitigating actions to contain activity and facilitating forensics analysis when necessary.
• Documented applied theory as SOC Manager or Team lead conducting and guiding in-depth evaluations of current INFOSEC/IT Security/Cybersecurity tactics, technics, and procedures, to include their effect on baseline configurations.
• Demonstrated proficiency as a SOC manager or Senior Team lead providing cybersecurity hygiene and posture status, support debriefings and input in support of Governance, Risk, and Compliance (GRC) activities, and ongoing evolutions.
• Provide network subscribers with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary.
• Demonstrated experience as a SOC manager or Senior Team lead with expertise conducting and guide log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources.
• Security implementation techniques and strategies in web services.
• Solid understanding of securing web technology, Microsoft cloud (e.g., Azure, M365, etc.) security knowledge and demonstrable abilities.
• Skilled security evaluation of complex web portals (e.g., Java, APIs, Ruby,; databases (i.e., SQL , Oracle) using commercial or open-source tools such as SQLmap, mongoaudit, etc.
• Near Expert Web Application Attack and Audit Frameworks to include Security evaluation of applications and websites using commercial or open tools NMAP, W3af, etc.
• Near Expert execution of a continuous monitoring and remediation program using commercial or open tools (i.e., Azure Security Center, Defender for Cloud, NMAP, Wireshark, Qualys)
• Near Expert execution of an end-point detection and response (EDR) remediation program using commercial or open tools (i.e., HBSS, SEP, Defender)
• Near Expert knowledge of and experience coordinating security operation center (SOC) principles, incident handling (IH), incident response (IR) as well as exploitation tactics, techniques, and procedures (TTP).
• Facilitate the adoption of security best practices with functional teams (i.e., developers, database administrators, web application administrators) using technical knowledge and interpersonal skills.

Clearance Required: Must be able to acquire an EEOC Public Trust

Preferred Skills and Experience

• Most Desirable Certification(s): CISSP, OSCP, GCIH, GPEN, GSEC, GSNA, GAWN, GCIA, GSE, GWEB, GPPN, GCED, GCID, CCSP, GCWN